Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Another isearch victim[CLOSED]

Started by crazybrker , Apr 25 2005 04:14 PM

  • This topic is locked This topic is locked

#1
crazybrker
Posted 25 April 2005 - 04:14 PM

crazybrker

    New Member

  • Member
  • Pip
  • 2 posts
So I finally got rid of my vdmt16 haxdoor.trojan that prevented me from running any spyware stuff always got the BSOD with each check. With that out of the way.

First I updated all my deffinitions, I have run cleanup! Reboot into safe mode, Run spybot S&D, Ad-Aware SE, Norton AV 2005, And Spyware Doctor. Rebooted into safe mode agian. Still getting pop ups and Ad-Aware said i still have I-Search. I also have this little Red circle with a white X in the middle saying Desktop items are authorized or somthing like that. Every reboot it puts casino, gambling, and many other [bleep] links on my desktop. Can you please help me ASAP. Thank you guys so much. This is what HJT said

Logfile of HijackThis v1.99.1
Scan saved at 2:55:16 PM, on 4/25/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\hjt\hijackthis1991.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://81.222.131.49/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DANNYL~1\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.newgenlook.info/ad/ad0179/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://81.222.131.49/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\DANNYL~1\LOCALS~1\Temp\se.dll/spage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://81.222.131.49/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://81.222.131.49/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://81.222.131.49/index.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {7AFD62F0-F051-469E-8D93-F307B41FB896} - C:\WINDOWS\System32\mlah.dll (file missing)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {FFFFDA2C-A0D5-4D60-8EE1-1B7F8929E24D} - C:\Program Files\Lycos\sst.dll (file missing)
O3 - Toolbar: ZeroBar - {F5735C15-1FB2-41FE-BA12-242757E69DDE} - C:\Program Files\NetZero\Toolbar.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKLM\..\Run: [Pbp] C:\WINDOWS\Tnb.exe
O4 - HKLM\..\Run: [atipatxx] C:\WINDOWS\System32\atipatxx.exe
O4 - HKLM\..\Run: [Mvq] C:\WINDOWS\System32\Fuc.exe
O4 - HKLM\..\Run: [Mmk] C:\WINDOWS\Dgb.exe
O4 - HKLM\..\Run: [Cjc] C:\WINDOWS\Eju.exe
O4 - HKLM\..\Run: [Vee] C:\WINDOWS\Ipf.exe
O4 - HKLM\..\Run: [Qll] C:\WINDOWS\Rcs.exe
O4 - HKLM\..\Run: [Eur] C:\WINDOWS\Bsp.exe
O4 - HKLM\..\Run: [Ueu] C:\WINDOWS\System32\Hba.exe
O4 - HKLM\..\Run: [Vov] C:\WINDOWS\System32\Ufh.exe
O4 - HKLM\..\Run: [Ttv] C:\WINDOWS\Dce.exe
O4 - HKLM\..\Run: [Ggr] C:\WINDOWS\System32\Ebj.exe
O4 - HKLM\..\Run: [Vvn] C:\WINDOWS\System32\Lff.exe
O4 - HKLM\..\Run: [Luf] C:\WINDOWS\System32\Klg.exe
O4 - HKLM\..\Run: [Ign] C:\WINDOWS\Aif.exe
O4 - HKLM\..\Run: [Nrp] C:\WINDOWS\System32\Okq.exe
O4 - HKLM\..\Run: [Bhd] C:\WINDOWS\System32\Qeq.exe
O4 - HKLM\..\Run: [Nth] C:\WINDOWS\System32\Gjn.exe
O4 - HKLM\..\Run: [Ueh] C:\WINDOWS\System32\Rpl.exe
O4 - HKLM\..\Run: [Gpo] C:\WINDOWS\System32\Nuh.exe
O4 - HKLM\..\Run: [Qje] C:\WINDOWS\Kpl.exe
O4 - HKLM\..\Run: [Jrf] C:\WINDOWS\Cou.exe
O4 - HKLM\..\Run: [Tok] C:\WINDOWS\Kec.exe
O4 - HKLM\..\Run: [Hmn] C:\WINDOWS\Dbc.exe
O4 - HKLM\..\Run: [Nrn] C:\WINDOWS\System32\Tbk.exe
O4 - HKLM\..\Run: [Rsf] C:\WINDOWS\Fql.exe
O4 - HKLM\..\Run: [Cqk] C:\WINDOWS\Nhg.exe
O4 - HKLM\..\Run: [Qgd] C:\WINDOWS\System32\Dso.exe
O4 - HKLM\..\Run: [Che] C:\WINDOWS\System32\Nkj.exe
O4 - HKLM\..\Run: [Vmu] C:\WINDOWS\System32\Kuf.exe
O4 - HKLM\..\Run: [Tgr] C:\WINDOWS\System32\Krc.exe
O4 - HKLM\..\Run: [Bov] C:\WINDOWS\System32\Vhv.exe
O4 - HKLM\..\Run: [Ace] C:\WINDOWS\Ljf.exe
O4 - HKLM\..\Run: [Qst] C:\WINDOWS\System32\Shn.exe
O4 - HKLM\..\Run: [Ogb] C:\WINDOWS\System32\Vjs.exe
O4 - HKLM\..\Run: [Bqf] C:\WINDOWS\System32\Dkk.exe
O4 - HKLM\..\Run: [Pcl] C:\WINDOWS\Vsq.exe
O4 - HKLM\..\Run: [Fgf] C:\WINDOWS\System32\Njg.exe
O4 - HKLM\..\Run: [Mcv] C:\WINDOWS\Vdm.exe
O4 - HKLM\..\Run: [Qja] C:\WINDOWS\System32\Jdg.exe
O4 - HKLM\..\Run: [Mmp] C:\WINDOWS\Vdm.exe
O4 - HKLM\..\Run: [Inf] C:\WINDOWS\System32\Ifa.exe
O4 - HKLM\..\Run: [Kmp] C:\WINDOWS\Spu.exe
O4 - HKLM\..\Run: [Kel] C:\WINDOWS\System32\Shp.exe
O4 - HKLM\..\Run: [Kcc] C:\WINDOWS\Qgs.exe
O4 - HKLM\..\Run: [Rbi] C:\WINDOWS\Aco.exe
O4 - HKLM\..\Run: [Qpb] C:\WINDOWS\Pqe.exe
O4 - HKLM\..\Run: [Mfk] C:\WINDOWS\System32\Ope.exe
O4 - HKLM\..\Run: [Vrv] C:\WINDOWS\Aoh.exe
O4 - HKLM\..\Run: [Kov] C:\WINDOWS\System32\Jlj.exe
O4 - HKLM\..\Run: [Plm] C:\WINDOWS\System32\Isu.exe
O4 - HKLM\..\Run: [Qmo] C:\WINDOWS\System32\Uph.exe
O4 - HKLM\..\Run: [Gio] C:\WINDOWS\System32\Kdk.exe
O4 - HKLM\..\Run: [Igh] C:\WINDOWS\Uai.exe
O4 - HKLM\..\Run: [Tdq] C:\WINDOWS\Nve.exe
O4 - HKLM\..\Run: [Afk] C:\WINDOWS\System32\Nja.exe
O4 - HKLM\..\Run: [Lav] C:\WINDOWS\System32\Pqc.exe
O4 - HKLM\..\Run: [Mht] C:\WINDOWS\System32\Pvg.exe
O4 - HKLM\..\Run: [Qki] C:\WINDOWS\Uii.exe
O4 - HKLM\..\Run: [Noj] C:\WINDOWS\System32\Vnp.exe
O4 - HKLM\..\Run: [Crg] C:\WINDOWS\Spu.exe
O4 - HKLM\..\Run: [Pah] C:\WINDOWS\System32\Iga.exe
O4 - HKLM\..\Run: [Reu] C:\WINDOWS\Rle.exe
O4 - HKLM\..\Run: [Qlb] C:\WINDOWS\Rsi.exe
O4 - HKLM\..\Run: [Rsi] C:\WINDOWS\System32\Smr.exe
O4 - HKLM\..\Run: [Kek] C:\WINDOWS\System32\Kac.exe
O4 - HKLM\..\Run: [Pde] C:\WINDOWS\System32\Npa.exe
O4 - HKLM\..\Run: [Ibk] C:\WINDOWS\Luj.exe
O4 - HKLM\..\Run: [Qgb] C:\WINDOWS\Jeb.exe
O4 - HKLM\..\Run: [Tlo] C:\WINDOWS\System32\Uud.exe
O4 - HKLM\..\Run: [Rdf] C:\WINDOWS\System32\Jno.exe
O4 - HKLM\..\Run: [Hml] C:\WINDOWS\Bom.exe
O4 - HKLM\..\Run: [Scd] C:\WINDOWS\System32\Mtk.exe
O4 - HKLM\..\Run: [Qpq] C:\WINDOWS\System32\Ibp.exe
O4 - HKLM\..\Run: [Eio] C:\WINDOWS\System32\Vbd.exe
O4 - HKLM\..\Run: [Dfv] C:\WINDOWS\System32\Pkh.exe
O4 - HKLM\..\Run: [Uqq] C:\WINDOWS\System32\Eum.exe
O4 - HKLM\..\Run: [Hlv] C:\WINDOWS\Hve.exe
O4 - HKLM\..\Run: [Dle] C:\WINDOWS\System32\Ati.exe
O4 - HKLM\..\Run: [Tku] C:\WINDOWS\Fjr.exe
O4 - HKLM\..\Run: [Tsp] C:\WINDOWS\Vjq.exe
O4 - HKLM\..\Run: [Pvt] C:\WINDOWS\System32\Msm.exe
O4 - HKLM\..\Run: [Rkr] C:\WINDOWS\Vjh.exe
O4 - HKLM\..\Run: [Lkv] C:\WINDOWS\Mbj.exe
O4 - HKLM\..\Run: [Iut] C:\WINDOWS\Epc.exe
O4 - HKLM\..\Run: [Nan] C:\WINDOWS\System32\Ctp.exe
O4 - HKLM\..\Run: [Bft] C:\WINDOWS\System32\Tvc.exe
O4 - HKLM\..\Run: [Gni] C:\WINDOWS\Vvs.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Cpe] C:\WINDOWS\System32\Ofo.exe
O4 - HKLM\..\Run: [Thq] C:\WINDOWS\System32\Kjo.exe
O4 - HKLM\..\Run: [Ofi] C:\WINDOWS\Gad.exe
O4 - HKLM\..\Run: [Brr] C:\WINDOWS\Adj.exe
O4 - HKLM\..\Run: [Ifp] C:\WINDOWS\System32\Tij.exe
O4 - HKLM\..\Run: [Qqr] C:\WINDOWS\Jdp.exe
O4 - HKLM\..\Run: [Dem] C:\WINDOWS\System32\Bub.exe
O4 - HKLM\..\Run: [Usm] C:\WINDOWS\Jbd.exe
O4 - HKLM\..\Run: [Bbg] C:\WINDOWS\Smm.exe
O4 - HKLM\..\Run: [Vka] C:\WINDOWS\Odd.exe
O4 - HKLM\..\Run: [Qmf] C:\WINDOWS\Jtm.exe
O4 - HKLM\..\Run: [Fue] C:\WINDOWS\System32\Luk.exe
O4 - HKLM\..\Run: [Qas] C:\WINDOWS\System32\Svg.exe
O4 - HKLM\..\Run: [Ffh] C:\WINDOWS\System32\Mep.exe
O4 - HKLM\..\Run: [Sgg] C:\WINDOWS\System32\Bpf.exe
O4 - HKLM\..\Run: [Ksk] C:\WINDOWS\Mou.exe
O4 - HKLM\..\Run: [Fer] C:\WINDOWS\Gfe.exe
O4 - HKLM\..\Run: [Kko] C:\WINDOWS\System32\Tth.exe
O4 - HKLM\..\Run: [Vlp] C:\WINDOWS\Vqc.exe
O4 - HKLM\..\Run: [Cbs] C:\WINDOWS\Urg.exe
O4 - HKLM\..\Run: [Adu] C:\WINDOWS\System32\Rfv.exe
O4 - HKLM\..\Run: [Bot] C:\WINDOWS\Trn.exe
O4 - HKLM\..\Run: [Bqm] C:\WINDOWS\System32\Uog.exe
O4 - HKLM\..\Run: [Gal] C:\WINDOWS\System32\Apt.exe
O4 - HKLM\..\Run: [Tdn] C:\WINDOWS\Ocs.exe
O4 - HKLM\..\Run: [Tbm] C:\WINDOWS\System32\Emj.exe
O4 - HKLM\..\Run: [Ode] C:\WINDOWS\System32\Qgu.exe
O4 - HKLM\..\Run: [Kqe] C:\WINDOWS\Hnb.exe
O4 - HKLM\..\Run: [Clc] C:\WINDOWS\Jst.exe
O4 - HKLM\..\Run: [Smq] C:\WINDOWS\Sfs.exe
O4 - HKLM\..\Run: [Pnj] C:\WINDOWS\System32\Kie.exe
O4 - HKLM\..\Run: [Eug] C:\WINDOWS\Mqp.exe
O4 - HKLM\..\Run: [Iqj] C:\WINDOWS\System32\Rjv.exe
O4 - HKLM\..\Run: [Bbb] C:\WINDOWS\Lil.exe
O4 - HKLM\..\Run: [Ejg] C:\WINDOWS\System32\Dje.exe
O4 - HKLM\..\Run: [Mpt] C:\WINDOWS\Qvr.exe
O4 - HKLM\..\Run: [Gfr] C:\WINDOWS\Vgv.exe
O4 - HKLM\..\Run: [Qvd] C:\WINDOWS\Hgg.exe
O4 - HKLM\..\Run: [Sds] C:\WINDOWS\Qbd.exe
O4 - HKLM\..\Run: [Ahg] C:\WINDOWS\Jsk.exe
O4 - HKLM\..\Run: [Flg] C:\WINDOWS\System32\Rtg.exe
O4 - HKLM\..\Run: [Jhe] C:\WINDOWS\Lod.exe
O4 - HKLM\..\Run: [Nud] C:\WINDOWS\System32\Ndi.exe
O4 - HKLM\..\Run: [Ulb] C:\WINDOWS\Lcd.exe
O4 - HKLM\..\Run: [Prn] C:\WINDOWS\Jit.exe
O4 - HKLM\..\Run: [Icn] C:\WINDOWS\System32\Uar.exe
O4 - HKLM\..\Run: [Hnf] C:\WINDOWS\Fln.exe
O4 - HKLM\..\Run: [Ofu] C:\WINDOWS\System32\Rkg.exe
O4 - HKLM\..\Run: [Kke] C:\WINDOWS\System32\Afe.exe
O4 - HKLM\..\Run: [Eek] C:\WINDOWS\System32\Ieh.exe
O4 - HKLM\..\Run: [Bks] C:\WINDOWS\Fdc.exe
O4 - HKLM\..\Run: [Eeb] C:\WINDOWS\System32\Cna.exe
O4 - HKLM\..\Run: [Mic] C:\WINDOWS\System32\Lgv.exe
O4 - HKLM\..\Run: [Bvm] C:\WINDOWS\Tlu.exe
O4 - HKLM\..\Run: [Opg] C:\WINDOWS\System32\Les.exe
O4 - HKLM\..\Run: [Lsu] C:\WINDOWS\System32\Vgs.exe
O4 - HKLM\..\Run: [Gij] C:\WINDOWS\Stu.exe
O4 - HKLM\..\Run: [Udc] C:\WINDOWS\System32\Bks.exe
O4 - HKLM\..\Run: [Mrt] C:\WINDOWS\System32\Koe.exe
O4 - HKLM\..\Run: [Hup] C:\WINDOWS\Ajm.exe
O4 - HKLM\..\Run: [Ohh] C:\WINDOWS\Rrh.exe
O4 - HKLM\..\Run: [Gjd] C:\WINDOWS\Gdi.exe
O4 - HKLM\..\Run: [Php] C:\WINDOWS\Duq.exe
O4 - HKLM\..\Run: [Ltk] C:\WINDOWS\System32\Mrs.exe
O4 - HKLM\..\Run: [Vap] C:\WINDOWS\System32\Lpq.exe
O4 - HKLM\..\Run: [Ufr] C:\WINDOWS\Cja.exe
O4 - HKLM\..\Run: [Snu] C:\WINDOWS\Equ.exe
O4 - HKLM\..\Run: [Lvo] C:\WINDOWS\Rmf.exe
O4 - HKLM\..\Run: [Uah] C:\WINDOWS\System32\Onn.exe
O4 - HKLM\..\Run: [Qdv] C:\WINDOWS\System32\Kqt.exe
O4 - HKLM\..\Run: [Tsq] C:\WINDOWS\System32\Faj.exe
O4 - HKLM\..\Run: [Hiu] C:\WINDOWS\Fsq.exe
O4 - HKLM\..\Run: [Vok] C:\WINDOWS\System32\Qih.exe
O4 - HKLM\..\Run: [Gir] C:\WINDOWS\Fct.exe
O4 - HKLM\..\Run: [Nho] C:\WINDOWS\System32\Pso.exe
O4 - HKLM\..\Run: [Abm] C:\WINDOWS\Vhe.exe
O4 - HKLM\..\Run: [Tid] C:\WINDOWS\System32\Cjk.exe
O4 - HKLM\..\Run: [Njb] C:\WINDOWS\Gof.exe
O4 - HKLM\..\Run: [Oug] C:\WINDOWS\Tht.exe
O4 - HKLM\..\Run: [Opf] C:\WINDOWS\Uta.exe
O4 - HKLM\..\Run: [Gpj] C:\WINDOWS\System32\Aou.exe
O4 - HKLM\..\Run: [Jff] C:\WINDOWS\System32\Pjv.exe
O4 - HKLM\..\Run: [Iaa] C:\WINDOWS\Npr.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Kbr] C:\WINDOWS\Ooq.exe
O4 - HKLM\..\Run: [Asm] C:\WINDOWS\Dnk.exe
O4 - HKLM\..\Run: [Rem] C:\WINDOWS\System32\Cbb.exe
O4 - HKLM\..\Run: [Gme] C:\WINDOWS\System32\Gll.exe
O4 - HKLM\..\Run: [Ikd] C:\WINDOWS\System32\Ivd.exe
O4 - HKLM\..\Run: [Som] C:\WINDOWS\System32\Vlf.exe
O4 - HKLM\..\Run: [Nfs] C:\WINDOWS\Htu.exe
O4 - HKLM\..\Run: [Ptu] C:\WINDOWS\Gco.exe
O4 - HKLM\..\Run: [Snn] C:\WINDOWS\Bds.exe
O4 - HKLM\..\Run: [Jvd] C:\WINDOWS\System32\Lfs.exe
O4 - HKLM\..\Run: [Nob] C:\WINDOWS\Hvm.exe
O4 - HKLM\..\Run: [Mnt] C:\WINDOWS\System32\Njd.exe
O4 - HKLM\..\Run: [Kai] C:\WINDOWS\Ijv.exe
O4 - HKLM\..\Run: [Cdb] C:\WINDOWS\Rqd.exe
O4 - HKLM\..\Run: [Bui] C:\WINDOWS\Sjh.exe
O4 - HKLM\..\Run: [Epi] C:\WINDOWS\System32\Skr.exe
O4 - HKLM\..\Run: [Qtt] C:\WINDOWS\System32\Dag.exe
O4 - HKLM\..\Run: [Via] C:\WINDOWS\Ouo.exe
O4 - HKLM\..\Run: [Mcl] C:\WINDOWS\System32\Mjm.exe
O4 - HKLM\..\Run: [Lsp] C:\WINDOWS\Tun.exe
O4 - HKLM\..\Run: [Mbe] C:\WINDOWS\Dmh.exe
O4 - HKLM\..\Run: [Sov] C:\WINDOWS\Sjt.exe
O4 - HKLM\..\Run: [Sro] C:\WINDOWS\Irh.exe
O4 - HKLM\..\Run: [Jcu] C:\WINDOWS\Lju.exe
O4 - HKLM\..\Run: [Rqa] C:\WINDOWS\System32\Ocs.exe
O4 - HKLM\..\Run: [Pfi] C:\WINDOWS\Hae.exe
O4 - HKLM\..\Run: [Pfv] C:\WINDOWS\Qpn.exe
O4 - HKLM\..\Run: [Ljv] C:\WINDOWS\System32\Srm.exe
O4 - HKLM\..\Run: [Krt] C:\WINDOWS\Jfk.exe
O4 - HKLM\..\Run: [Rpt] C:\WINDOWS\Qnn.exe
O4 - HKLM\..\Run: [Umj] C:\WINDOWS\System32\Jlv.exe
O4 - HKLM\..\Run: [Dkq] C:\WINDOWS\System32\Klk.exe
O4 - HKLM\..\Run: [Igi] C:\WINDOWS\System32\Ecv.exe
O4 - HKLM\..\Run: [Kta] C:\WINDOWS\Tno.exe
O4 - HKLM\..\Run: [Grc] C:\WINDOWS\System32\Acp.exe
O4 - HKLM\..\Run: [Nbj] C:\WINDOWS\Jnv.exe
O4 - HKLM\..\Run: [Nom] C:\WINDOWS\System32\Ogo.exe
O4 - HKLM\..\Run: [Nbc] C:\WINDOWS\Dqg.exe
O4 - HKLM\..\Run: [Ihv] C:\WINDOWS\Dum.exe
O4 - HKLM\..\Run: [Uub] C:\WINDOWS\Bps.exe
O4 - HKLM\..\Run: [Ssj] C:\WINDOWS\System32\Fnr.exe
O4 - HKLM\..\Run: [Frd] C:\WINDOWS\System32\Lsv.exe
O4 - HKLM\..\Run: [Hbm] C:\WINDOWS\System32\Amp.exe
O4 - HKLM\..\Run: [Efv] C:\WINDOWS\Plh.exe
O4 - HKLM\..\Run: [Kbq] C:\WINDOWS\Iog.exe
O4 - HKLM\..\Run: [Ogu] C:\WINDOWS\Nti.exe
O4 - HKLM\..\Run: [Krf] C:\WINDOWS\System32\Oka.exe
O4 - HKLM\..\Run: [Qfo] C:\WINDOWS\System32\Apq.exe
O4 - HKLM\..\Run: [Qfr] C:\WINDOWS\System32\Etu.exe
O4 - HKLM\..\Run: [Koa] C:\WINDOWS\Cci.exe
O4 - HKLM\..\Run: [Qin] C:\WINDOWS\System32\Nom.exe
O4 - HKLM\..\Run: [Tdo] C:\WINDOWS\Pro.exe
O4 - HKLM\..\Run: [Klm] C:\WINDOWS\Jnv.exe
O4 - HKLM\..\Run: [Mqb] C:\WINDOWS\Ghc.exe
O4 - HKLM\..\Run: [Hkb] C:\WINDOWS\System32\Baj.exe
O4 - HKLM\..\Run: [Ekt] C:\WINDOWS\Iod.exe
O4 - HKLM\..\Run: [Cnh] C:\WINDOWS\Opr.exe
O4 - HKLM\..\Run: [Aoo] C:\WINDOWS\System32\Alk.exe
O4 - HKLM\..\Run: [Pln] C:\WINDOWS\Mdd.exe
O4 - HKLM\..\Run: [Ukl] C:\WINDOWS\Udb.exe
O4 - HKLM\..\Run: [Vnv] C:\WINDOWS\Kdd.exe
O4 - HKLM\..\Run: [Anf] C:\WINDOWS\Ocr.exe
O4 - HKLM\..\Run: [Tfi] C:\WINDOWS\Kgi.exe
O4 - HKLM\..\Run: [Jul] C:\WINDOWS\System32\Boh.exe
O4 - HKLM\..\Run: [Thc] C:\WINDOWS\Cig.exe
O4 - HKLM\..\Run: [Nau] C:\WINDOWS\Nho.exe
O4 - HKLM\..\Run: [Fbr] C:\WINDOWS\System32\Npo.exe
O4 - HKLM\..\Run: [Mvb] C:\WINDOWS\Hjn.exe
O4 - HKLM\..\Run: [Seo] C:\WINDOWS\Nkn.exe
O4 - HKLM\..\Run: [Gjq] C:\WINDOWS\Kvo.exe
O4 - HKLM\..\Run: [Aju] C:\WINDOWS\Gvr.exe
O4 - HKLM\..\Run: [Sml] C:\WINDOWS\Clq.exe
O4 - HKLM\..\Run: [Fnl] C:\WINDOWS\Rlu.exe
O4 - HKLM\..\Run: [Qjd] C:\WINDOWS\Jcu.exe
O4 - HKLM\..\Run: [Inr] C:\WINDOWS\System32\Gnm.exe
O4 - HKLM\..\Run: [Ala] C:\WINDOWS\System32\Lke.exe
O4 - HKLM\..\Run: [Hdc] C:\WINDOWS\System32\Dds.exe
O4 - HKLM\..\Run: [Bmf] C:\WINDOWS\Tan.exe
O4 - HKLM\..\Run: [Sir] C:\WINDOWS\Hoi.exe
O4 - HKLM\..\Run: [Nls] C:\WINDOWS\Nrd.exe
O4 - HKLM\..\Run: [Qku] C:\WINDOWS\System32\Kgf.exe
O4 - HKLM\..\Run: [Fku] C:\WINDOWS\System32\Fbt.exe
O4 - HKLM\..\Run: [Sfd] C:\WINDOWS\System32\Nkq.exe
O4 - HKLM\..\Run: [Svo] C:\WINDOWS\Uab.exe
O4 - HKLM\..\Run: [Dbs] C:\WINDOWS\Cae.exe
O4 - HKLM\..\Run: [Hhl] C:\WINDOWS\System32\Qjj.exe
O4 - HKLM\..\Run: [Pku] C:\WINDOWS\Jru.exe
O4 - HKLM\..\Run: [Gea] C:\WINDOWS\System32\Qfj.exe
O4 - HKLM\..\Run: [Dqc] C:\WINDOWS\Jji.exe
O4 - HKLM\..\Run: [Ltb] C:\WINDOWS\Lqe.exe
O4 - HKLM\..\Run: [Css] C:\WINDOWS\System32\Llg.exe
O4 - HKLM\..\Run: [Odh] C:\WINDOWS\System32\Doc.exe
O4 - HKLM\..\Run: [Bcc] C:\WINDOWS\Ctc.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Kpi] C:\WINDOWS\Vtf.exe
O4 - HKLM\..\Run: [yhggwrp] c:\windows\system32\vbslmb.exe
O4 - HKLM\..\RunServices: [atipatxx] C:\WINDOWS\System32\atipatxx.exe
O4 - HKLM\..\RunOnce: [LUSETUP-LT] C:\PROGRA~1\Symantec\LIVEUP~1\LUSETU~1.EXE -s -a -q -log
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [NetZero_uoltray] C:\Program Files\NetZero\exec.exe regrun
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [Pbp] C:\WINDOWS\Tnb.exe
O4 - HKCU\..\Run: [atipatxx] C:\WINDOWS\System32\atipatxx.exe
O4 - HKCU\..\Run: [WindowsFY] c:\wp.exe
O4 - HKCU\..\Run: [Mvq] C:\WINDOWS\System32\Fuc.exe
O4 - HKCU\..\Run: [Mmk] C:\WINDOWS\Dgb.exe
O4 - HKCU\..\Run: [Cjc] C:\WINDOWS\Eju.exe
O4 - HKCU\..\Run: [Vee] C:\WINDOWS\Ipf.exe
O4 - HKCU\..\Run: [Qll] C:\WINDOWS\Rcs.exe
O4 - HKCU\..\Run: [Mjp] C:\WINDOWS\Fas.exe
O4 - HKCU\..\Run: [Raj] C:\WINDOWS\System32\Jgd.exe
O4 - HKCU\..\Run: [Eur] C:\WINDOWS\Bsp.exe
O4 - HKCU\..\Run: [Ueu] C:\WINDOWS\System32\Hba.exe
O4 - HKCU\..\Run: [Vov] C:\WINDOWS\System32\Ufh.exe
O4 - HKCU\..\Run: [Ttv] C:\WINDOWS\Dce.exe
O4 - HKCU\..\Run: [Aih] C:\WINDOWS\Vsl.exe
O4 - HKCU\..\Run: [Ggr] C:\WINDOWS\System32\Ebj.exe
O4 - HKCU\..\Run: [Vvn] C:\WINDOWS\System32\Lff.exe
O4 - HKCU\..\Run: [Luf] C:\WINDOWS\System32\Klg.exe
O4 - HKCU\..\Run: [Ign] C:\WINDOWS\Aif.exe
O4 - HKCU\..\Run: [Nrp] C:\WINDOWS\System32\Okq.exe
O4 - HKCU\..\Run: [Bhd] C:\WINDOWS\System32\Qeq.exe
O4 - HKCU\..\Run: [Nth] C:\WINDOWS\System32\Gjn.exe
O4 - HKCU\..\Run: [Ueh] C:\WINDOWS\System32\Rpl.exe
O4 - HKCU\..\Run: [Gpo] C:\WINDOWS\System32\Nuh.exe
O4 - HKCU\..\Run: [Qje] C:\WINDOWS\Kpl.exe
O4 - HKCU\..\Run: [Jrf] C:\WINDOWS\Cou.exe
O4 - HKCU\..\Run: [Tok] C:\WINDOWS\Kec.exe
O4 - HKCU\..\Run: [Hmn] C:\WINDOWS\Dbc.exe
O4 - HKCU\..\Run: [Nrn] C:\WINDOWS\System32\Tbk.exe
O4 - HKCU\..\Run: [Rsf] C:\WINDOWS\Fql.exe
O4 - HKCU\..\Run: [Cqk] C:\WINDOWS\Nhg.exe
O4 - HKCU\..\Run: [Qgd] C:\WINDOWS\System32\Dso.exe
O4 - HKCU\..\Run: [Che] C:\WINDOWS\System32\Nkj.exe
O4 - HKCU\..\Run: [Vmu] C:\WINDOWS\System32\Kuf.exe
O4 - HKCU\..\Run: [Tgr] C:\WINDOWS\System32\Krc.exe
O4 - HKCU\..\Run: [Bov] C:\WINDOWS\System32\Vhv.exe
O4 - HKCU\..\Run: [Ace] C:\WINDOWS\Ljf.exe
O4 - HKCU\..\Run: [Qst] C:\WINDOWS\System32\Shn.exe
O4 - HKCU\..\Run: [Ogb] C:\WINDOWS\System32\Vjs.exe
O4 - HKCU\..\Run: [Bqf] C:\WINDOWS\System32\Dkk.exe
O4 - HKCU\..\Run: [Pcl] C:\WINDOWS\Vsq.exe
O4 - HKCU\..\Run: [Fgf] C:\WINDOWS\System32\Njg.exe
O4 - HKCU\..\Run: [Mcv] C:\WINDOWS\Vdm.exe
O4 - HKCU\..\Run: [Qja] C:\WINDOWS\System32\Jdg.exe
O4 - HKCU\..\Run: [Mmp] C:\WINDOWS\Vdm.exe
O4 - HKCU\..\Run: [Inf] C:\WINDOWS\System32\Ifa.exe
O4 - HKCU\..\Run: [Kmp] C:\WINDOWS\Spu.exe
O4 - HKCU\..\Run: [Kel] C:\WINDOWS\System32\Shp.exe
O4 - HKCU\..\Run: [Kcc] C:\WINDOWS\Qgs.exe
O4 - HKCU\..\Run: [Rbi] C:\WINDOWS\Aco.exe
O4 - HKCU\..\Run: [Qpb] C:\WINDOWS\Pqe.exe
O4 - HKCU\..\Run: [Mfk] C:\WINDOWS\System32\Ope.exe
O4 - HKCU\..\Run: [Vrv] C:\WINDOWS\Aoh.exe
O4 - HKCU\..\Run: [Kov] C:\WINDOWS\System32\Jlj.exe
O4 - HKCU\..\Run: [Plm] C:\WINDOWS\System32\Isu.exe
O4 - HKCU\..\Run: [Qmo] C:\WINDOWS\System32\Uph.exe
O4 - HKCU\..\Run: [Gio] C:\WINDOWS\System32\Kdk.exe
O4 - HKCU\..\Run: [Igh] C:\WINDOWS\Uai.exe
O4 - HKCU\..\Run: [Tdq] C:\WINDOWS\Nve.exe
O4 - HKCU\..\Run: [Afk] C:\WINDOWS\System32\Nja.exe
O4 - HKCU\..\Run: [Lav] C:\WINDOWS\System32\Pqc.exe
O4 - HKCU\..\Run: [Mht] C:\WINDOWS\System32\Pvg.exe
O4 - HKCU\..\Run: [Qki] C:\WINDOWS\Uii.exe
O4 - HKCU\..\Run: [Noj] C:\WINDOWS\System32\Vnp.exe
O4 - HKCU\..\Run: [Crg] C:\WINDOWS\Spu.exe
O4 - HKCU\..\Run: [Pah] C:\WINDOWS\System32\Iga.exe
O4 - HKCU\..\Run: [Reu] C:\WINDOWS\Rle.exe
O4 - HKCU\..\Run: [Qlb] C:\WINDOWS\Rsi.exe
O4 - HKCU\..\Run: [Rsi] C:\WINDOWS\System32\Smr.exe
O4 - HKCU\..\Run: [Kek] C:\WINDOWS\System32\Kac.exe
O4 - HKCU\..\Run: [Pde] C:\WINDOWS\System32\Npa.exe
O4 - HKCU\..\Run: [Ibk] C:\WINDOWS\Luj.exe
O4 - HKCU\..\Run: [Qgb] C:\WINDOWS\Jeb.exe
O4 - HKCU\..\Run: [Tlo] C:\WINDOWS\System32\Uud.exe
O4 - HKCU\..\Run: [Rdf] C:\WINDOWS\System32\Jno.exe
O4 - HKCU\..\Run: [Hml] C:\WINDOWS\Bom.exe
O4 - HKCU\..\Run: [Scd] C:\WINDOWS\System32\Mtk.exe
O4 - HKCU\..\Run: [Qpq] C:\WINDOWS\System32\Ibp.exe
O4 - HKCU\..\Run: [Eio] C:\WINDOWS\System32\Vbd.exe
O4 - HKCU\..\Run: [Dfv] C:\WINDOWS\System32\Pkh.exe
O4 - HKCU\..\Run: [Uqq] C:\WINDOWS\System32\Eum.exe
O4 - HKCU\..\Run: [Hlv] C:\WINDOWS\Hve.exe
O4 - HKCU\..\Run: [Dle] C:\WINDOWS\System32\Ati.exe
O4 - HKCU\..\Run: [Tku] C:\WINDOWS\Fjr.exe
O4 - HKCU\..\Run: [Tsp] C:\WINDOWS\Vjq.exe
O4 - HKCU\..\Run: [Pvt] C:\WINDOWS\System32\Msm.exe
O4 - HKCU\..\Run: [Rkr] C:\WINDOWS\Vjh.exe
O4 - HKCU\..\Run: [Lkv] C:\WINDOWS\Mbj.exe
O4 - HKCU\..\Run: [Iut] C:\WINDOWS\Epc.exe
O4 - HKCU\..\Run: [Nan] C:\WINDOWS\System32\Ctp.exe
O4 - HKCU\..\Run: [Bft] C:\WINDOWS\System32\Tvc.exe
O4 - HKCU\..\Run: [Gni] C:\WINDOWS\Vvs.exe
O4 - HKCU\..\Run: [Cpe] C:\WINDOWS\System32\Ofo.exe
O4 - HKCU\..\Run: [Thq] C:\WINDOWS\System32\Kjo.exe
O4 - HKCU\..\Run: [Ofi] C:\WINDOWS\Gad.exe
O4 - HKCU\..\Run: [Brr] C:\WINDOWS\Adj.exe
O4 - HKCU\..\Run: [Ifp] C:\WINDOWS\System32\Tij.exe
O4 - HKCU\..\Run: [Qqr] C:\WINDOWS\Jdp.exe
O4 - HKCU\..\Run: [Dem] C:\WINDOWS\System32\Bub.exe
O4 - HKCU\..\Run: [Usm] C:\WINDOWS\Jbd.exe
O4 - HKCU\..\Run: [Bbg] C:\WINDOWS\Smm.exe
O4 - HKCU\..\Run: [Vka] C:\WINDOWS\Odd.exe
O4 - HKCU\..\Run: [Qmf] C:\WINDOWS\Jtm.exe
O4 - HKCU\..\Run: [Fue] C:\WINDOWS\System32\Luk.exe
O4 - HKCU\..\Run: [Qas] C:\WINDOWS\System32\Svg.exe
O4 - HKCU\..\Run: [Ffh] C:\WINDOWS\System32\Mep.exe
O4 - HKCU\..\Run: [Sgg] C:\WINDOWS\System32\Bpf.exe
O4 - HKCU\..\Run: [Ksk] C:\WINDOWS\Mou.exe
O4 - HKCU\..\Run: [Fer] C:\WINDOWS\Gfe.exe
O4 - HKCU\..\Run: [Kko] C:\WINDOWS\System32\Tth.exe
O4 - HKCU\..\Run: [Vlp] C:\WINDOWS\Vqc.exe
O4 - HKCU\..\Run: [Cbs] C:\WINDOWS\Urg.exe
O4 - HKCU\..\Run: [Adu] C:\WINDOWS\System32\Rfv.exe
O4 - HKCU\..\Run: [Bot] C:\WINDOWS\Trn.exe
O4 - HKCU\..\Run: [Bqm] C:\WINDOWS\System32\Uog.exe
O4 - HKCU\..\Run: [Gal] C:\WINDOWS\System32\Apt.exe
O4 - HKCU\..\Run: [Tdn] C:\WINDOWS\Ocs.exe
O4 - HKCU\..\Run: [Tbm] C:\WINDOWS\System32\Emj.exe
O4 - HKCU\..\Run: [Ode] C:\WINDOWS\System32\Qgu.exe
O4 - HKCU\..\Run: [Kqe] C:\WINDOWS\Hnb.exe
O4 - HKCU\..\Run: [Clc] C:\WINDOWS\Jst.exe
O4 - HKCU\..\Run: [Smq] C:\WINDOWS\Sfs.exe
O4 - HKCU\..\Run: [Pnj] C:\WINDOWS\System32\Kie.exe
O4 - HKCU\..\Run: [Eug] C:\WINDOWS\Mqp.exe
O4 - HKCU\..\Run: [Iqj] C:\WINDOWS\System32\Rjv.exe
O4 - HKCU\..\Run: [Bbb] C:\WINDOWS\Lil.exe
O4 - HKCU\..\Run: [Ejg] C:\WINDOWS\System32\Dje.exe
O4 - HKCU\..\Run: [Mpt] C:\WINDOWS\Qvr.exe
O4 - HKCU\..\Run: [Gfr] C:\WINDOWS\Vgv.exe
O4 - HKCU\..\Run: [Qvd] C:\WINDOWS\Hgg.exe
O4 - HKCU\..\Run: [Sds] C:\WINDOWS\Qbd.exe
O4 - HKCU\..\Run: [Ahg] C:\WINDOWS\Jsk.exe
O4 - HKCU\..\Run: [Flg] C:\WINDOWS\System32\Rtg.exe
O4 - HKCU\..\Run: [Jhe] C:\WINDOWS\Lod.exe
O4 - HKCU\..\Run: [Nud] C:\WINDOWS\System32\Ndi.exe
O4 - HKCU\..\Run: [Ulb] C:\WINDOWS\Lcd.exe
O4 - HKCU\..\Run: [Prn] C:\WINDOWS\Jit.exe
O4 - HKCU\..\Run: [Icn] C:\WINDOWS\System32\Uar.exe
O4 - HKCU\..\Run: [Hnf] C:\WINDOWS\Fln.exe
O4 - HKCU\..\Run: [Ofu] C:\WINDOWS\System32\Rkg.exe
O4 - HKCU\..\Run: [Kke] C:\WINDOWS\System32\Afe.exe
O4 - HKCU\..\Run: [Eek] C:\WINDOWS\System32\Ieh.exe
O4 - HKCU\..\Run: [Bks] C:\WINDOWS\Fdc.exe
O4 - HKCU\..\Run: [Eeb] C:\WINDOWS\System32\Cna.exe
O4 - HKCU\..\Run: [Mic] C:\WINDOWS\System32\Lgv.exe
O4 - HKCU\..\Run: [Bvm] C:\WINDOWS\Tlu.exe
O4 - HKCU\..\Run: [Opg] C:\WINDOWS\System32\Les.exe
O4 - HKCU\..\Run: [Lsu] C:\WINDOWS\System32\Vgs.exe
O4 - HKCU\..\Run: [Gij] C:\WINDOWS\Stu.exe
O4 - HKCU\..\Run: [Udc] C:\WINDOWS\System32\Bks.exe
O4 - HKCU\..\Run: [Mrt] C:\WINDOWS\System32\Koe.exe
O4 - HKCU\..\Run: [Hup] C:\WINDOWS\Ajm.exe
O4 - HKCU\..\Run: [Ohh] C:\WINDOWS\Rrh.exe
O4 - HKCU\..\Run: [Gjd] C:\WINDOWS\Gdi.exe
O4 - HKCU\..\Run: [Php] C:\WINDOWS\Duq.exe
O4 - HKCU\..\Run: [Ltk] C:\WINDOWS\System32\Mrs.exe
O4 - HKCU\..\Run: [Vap] C:\WINDOWS\System32\Lpq.exe
O4 - HKCU\..\Run: [Ufr] C:\WINDOWS\Cja.exe
O4 - HKCU\..\Run: [Snu] C:\WINDOWS\Equ.exe
O4 - HKCU\..\Run: [Lvo] C:\WINDOWS\Rmf.exe
O4 - HKCU\..\Run: [Uah] C:\WINDOWS\System32\Onn.exe
O4 - HKCU\..\Run: [Qdv] C:\WINDOWS\System32\Kqt.exe
O4 - HKCU\..\Run: [Tsq] C:\WINDOWS\System32\Faj.exe
O4 - HKCU\..\Run: [Hiu] C:\WINDOWS\Fsq.exe
O4 - HKCU\..\Run: [Vok] C:\WINDOWS\System32\Qih.exe
O4 - HKCU\..\Run: [Gir] C:\WINDOWS\Fct.exe
O4 - HKCU\..\Run: [Nho] C:\WINDOWS\System32\Pso.exe
O4 - HKCU\..\Run: [Abm] C:\WINDOWS\Vhe.exe
O4 - HKCU\..\Run: [Tid] C:\WINDOWS\System32\Cjk.exe
O4 - HKCU\..\Run: [Njb] C:\WINDOWS\Gof.exe
O4 - HKCU\..\Run: [Oug] C:\WINDOWS\Tht.exe
O4 - HKCU\..\Run: [Opf] C:\WINDOWS\Uta.exe
O4 - HKCU\..\Run: [Jff] C:\WINDOWS\System32\Pjv.exe
O4 - HKCU\..\Run: [Iaa] C:\WINDOWS\Npr.exe
O4 - HKCU\..\Run: [Kbr] C:\WINDOWS\Ooq.exe
O4 - HKCU\..\Run: [Asm] C:\WINDOWS\Dnk.exe
O4 - HKCU\..\Run: [Rem] C:\WINDOWS\System32\Cbb.exe
O4 - HKCU\..\Run: [Gme] C:\WINDOWS\System32\Gll.exe
O4 - HKCU\..\Run: [Ikd] C:\WINDOWS\System32\Ivd.exe
O4 - HKCU\..\Run: [Som] C:\WINDOWS\System32\Vlf.exe
O4 - HKCU\..\Run: [Nfs] C:\WINDOWS\Htu.exe
O4 - HKCU\..\Run: [Ptu] C:\WINDOWS\Gco.exe
O4 - HKCU\..\Run: [Snn] C:\WINDOWS\Bds.exe
O4 - HKCU\..\Run: [Jvd] C:\WINDOWS\System32\Lfs.exe
O4 - HKCU\..\Run: [Nob] C:\WINDOWS\Hvm.exe
O4 - HKCU\..\Run: [Mnt] C:\WINDOWS\System32\Njd.exe
O4 - HKCU\..\Run: [Kai] C:\WINDOWS\Ijv.exe
O4 - HKCU\..\Run: [Cdb] C:\WINDOWS\Rqd.exe
O4 - HKCU\..\Run: [Bui] C:\WINDOWS\Sjh.exe
O4 - HKCU\..\Run: [Epi] C:\WINDOWS\System32\Skr.exe
O4 - HKCU\..\Run: [Qtt] C:\WINDOWS\System32\Dag.exe
O4 - HKCU\..\Run: [Via] C:\WINDOWS\Ouo.exe
O4 - HKCU\..\Run: [Mcl] C:\WINDOWS\System32\Mjm.exe
O4 - HKCU\..\Run: [Lsp] C:\WINDOWS\Tun.exe
O4 - HKCU\..\Run: [Mbe] C:\WINDOWS\Dmh.exe
O4 - HKCU\..\Run: [Sov] C:\WINDOWS\Sjt.exe
O4 - HKCU\..\Run: [Sro] C:\WINDOWS\Irh.exe
O4 - HKCU\..\Run: [Jcu] C:\WINDOWS\Lju.exe
O4 - HKCU\..\Run: [Rqa] C:\WINDOWS\System32\Ocs.exe
O4 - HKCU\..\Run: [Pfi] C:\WINDOWS\Hae.exe
O4 - HKCU\..\Run: [Pfv] C:\WINDOWS\Qpn.exe
O4 - HKCU\..\Run: [Ljv] C:\WINDOWS\System32\Srm.exe
O4 - HKCU\..\Run: [Krt] C:\WINDOWS\Jfk.exe
O4 - HKCU\..\Run: [Rpt] C:\WINDOWS\Qnn.exe
O4 - HKCU\..\Run: [Umj] C:\WINDOWS\System32\Jlv.exe
O4 - HKCU\..\Run: [Dkq] C:\WINDOWS\System32\Klk.exe
O4 - HKCU\..\Run: [Igi] C:\WINDOWS\System32\Ecv.exe
O4 - HKCU\..\Run: [Kta] C:\WINDOWS\Tno.exe
O4 - HKCU\..\Run: [Grc] C:\WINDOWS\System32\Acp.exe
O4 - HKCU\..\Run: [Nbj] C:\WINDOWS\Jnv.exe
O4 - HKCU\..\Run: [Nom] C:\WINDOWS\System32\Ogo.exe
O4 - HKCU\..\Run: [Nbc] C:\WINDOWS\Dqg.exe
O4 - HKCU\..\Run: [Ihv] C:\WINDOWS\Dum.exe
O4 - HKCU\..\Run: [Uub] C:\WINDOWS\Bps.exe
O4 - HKCU\..\Run: [Ssj] C:\WINDOWS\System32\Fnr.exe
O4 - HKCU\..\Run: [Frd] C:\WINDOWS\System32\Lsv.exe
O4 - HKCU\..\Run: [Hbm] C:\WINDOWS\System32\Amp.exe
O4 - HKCU\..\Run: [Efv] C:\WINDOWS\Plh.exe
O4 - HKCU\..\Run: [Kbq] C:\WINDOWS\Iog.exe
O4 - HKCU\..\Run: [Ogu] C:\WINDOWS\Nti.exe
O4 - HKCU\..\Run: [Krf] C:\WINDOWS\System32\Oka.exe
O4 - HKCU\..\Run: [Qfo] C:\WINDOWS\System32\Apq.exe
O4 - HKCU\..\Run: [Qfr] C:\WINDOWS\System32\Etu.exe
O4 - HKCU\..\Run: [Koa] C:\WINDOWS\Cci.exe
O4 - HKCU\..\Run: [Qin] C:\WINDOWS\System32\Nom.exe
O4 - HKCU\..\Run: [Tdo] C:\WINDOWS\Pro.exe
O4 - HKCU\..\Run: [Klm] C:\WINDOWS\Jnv.exe
O4 - HKCU\..\Run: [Mqb] C:\WINDOWS\Ghc.exe
O4 - HKCU\..\Run: [Hkb] C:\WINDOWS\System32\Baj.exe
O4 - HKCU\..\Run: [Ekt] C:\WINDOWS\Iod.exe
O4 - HKCU\..\Run: [Cnh] C:\WINDOWS\Opr.exe
O4 - HKCU\..\Run: [Aoo] C:\WINDOWS\System32\Alk.exe
O4 - HKCU\..\Run: [Pln] C:\WINDOWS\Mdd.exe
O4 - HKCU\..\Run: [Ukl] C:\WINDOWS\Udb.exe
O4 - HKCU\..\Run: [Vnv] C:\WINDOWS\Kdd.exe
O4 - HKCU\..\Run: [Anf] C:\WINDOWS\Ocr.exe
O4 - HKCU\..\Run: [Tfi] C:\WINDOWS\Kgi.exe
O4 - HKCU\..\Run: [Jul] C:\WINDOWS\System32\Boh.exe
O4 - HKCU\..\Run: [Thc] C:\WINDOWS\Cig.exe
O4 - HKCU\..\Run: [Nau] C:\WINDOWS\Nho.exe
O4 - HKCU\..\Run: [Fbr] C:\WINDOWS\System32\Npo.exe
O4 - HKCU\..\Run: [Mvb] C:\WINDOWS\Hjn.exe
O4 - HKCU\..\Run: [Seo] C:\WINDOWS\Nkn.exe
O4 - HKCU\..\Run: [Gjq] C:\WINDOWS\Kvo.exe
O4 - HKCU\..\Run: [Aju] C:\WINDOWS\Gvr.exe
O4 - HKCU\..\Run: [Sml] C:\WINDOWS\Clq.exe
O4 - HKCU\..\Run: [Fnl] C:\WINDOWS\Rlu.exe
O4 - HKCU\..\Run: [Qjd] C:\WINDOWS\Jcu.exe
O4 - HKCU\..\Run: [Inr] C:\WINDOWS\System32\Gnm.exe
O4 - HKCU\..\Run: [Ala] C:\WINDOWS\System32\Lke.exe
O4 - HKCU\..\Run: [Hdc] C:\WINDOWS\System32\Dds.exe
O4 - HKCU\..\Run: [Bmf] C:\WINDOWS\Tan.exe
O4 - HKCU\..\Run: [Sir] C:\WINDOWS\Hoi.exe
O4 - HKCU\..\Run: [Nls] C:\WINDOWS\Nrd.exe
O4 - HKCU\..\Run: [Qku] C:\WINDOWS\System32\Kgf.exe
O4 - HKCU\..\Run: [Fku] C:\WINDOWS\System32\Fbt.exe
O4 - HKCU\..\Run: [Sfd] C:\WINDOWS\System32\Nkq.exe
O4 - HKCU\..\Run: [Svo] C:\WINDOWS\Uab.exe
O4 - HKCU\..\Run: [Dbs] C:\WINDOWS\Cae.exe
O4 - HKCU\..\Run: [Hhl] C:\WINDOWS\System32\Qjj.exe
O4 - HKCU\..\Run: [Pku] C:\WINDOWS\Jru.exe
O4 - HKCU\..\Run: [Gea] C:\WINDOWS\System32\Qfj.exe
O4 - HKCU\..\Run: [Dqc] C:\WINDOWS\Jji.exe
O4 - HKCU\..\Run: [Ltb] C:\WINDOWS\Lqe.exe
O4 - HKCU\..\Run: [Css] C:\WINDOWS\System32\Llg.exe
O4 - HKCU\..\Run: [Odh] C:\WINDOWS\System32\Doc.exe
O4 - HKCU\..\Run: [Bcc] C:\WINDOWS\Ctc.exe
O4 - HKCU\..\Run: [Kpi] C:\WINDOWS\Vtf.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplane...DC_1_0_0_44.cab
O18 - Protocol: bw+0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {BADA616D-51F7-4663-8EC1-3B84233D2015} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: ntfs32 - C:\WINDOWS\SYSTEM32\ntfs32.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Provides three management service (FreeBSD) - Unknown owner - C:\WINDOWS\System32\dev32.exe
O23 - Service: Debug oupost relations (LAGOS) - Unknown owner - C:\WINDOWS\System32\ahtun.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: W2k PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

Good luck, i will check back often
You guys are the best
  • 0

Advertisements

#2
Kat
Posted 25 April 2005 - 04:24 PM

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
We can definitely help you, but first you need to help us. The first step in this process is to apply Service Pack 1a for Windows XP. Without this update, you're wide open to re-infection, and we're both just wasting our time.
Click here: http://www.microsoft...p1/default.mspx
Apply the update, reboot, and post a fresh Hijack This log.

Once you do, there will be steps for you to follow to get rid of the various infections on your pc. I will keep an eye out for the updated log!
  • 0

#3
crazybrker
Posted 25 April 2005 - 04:48 PM

crazybrker

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Bad news, It wont install, it says somthing about a invalid product key, That wierd because this computer has the little sticker on the side of it with the serial number, so it should be good. This is my friends computer BTW so im not sure if he used this serial or another invaid one, is there any way around this without reinstalling windows because i dont have the CD. would you still be able to help me clear this up first later when i get the cd from him we wil have time to reinstall it agian and try the service pack agian
  • 0

#4
Kat
Posted 25 April 2005 - 06:39 PM

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
until you can upgrade to SP1, I am unable to help you. We need to be certain that it is a valid copy of Windows, due to a contract we have with Microsoft. I will keep an eye on this thread to watch for the update!
  • 0

#5
Kat
Posted 07 May 2005 - 02:25 AM

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member with address of this thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP